Verify Slack for Linux (beta) package signatures

Note: To download Slack for Linux (beta) visit

Slack for Linux (beta) app’s packages are signed with GPG keys to show that they are coming from Slack. You’ll want to use the signatures to verify the authenticity of our packages.

Verify package signatures

Important: To complete these steps, you'll need superuser privileges.

RPM-based distributions

Debian-based distributions

  1. Download Slack's public key:  wget
  2. Import Slack’s public key into RPM: 
    sudo rpm --import slack_pubkey.gpg
  3. Check the package signature:
    rpm --checksig slack-2.8.0-0.1.fc21.x86_64.rpm
    The output should say: 
    slack-2.8.0-0.1.fc21.x86_64.rpm: rsa sha1 (md5) pgp md5 OK
Here's how to verify package signatures using debsig-verify 0.14, which is in Ubuntu 16.04.
  1. The Slack for Linux (beta) app is signed using debsigs. You will need to install the program debsig-verify to verify the packages: sudo apt install debsig-verify
  2. Next, download Slack's public key:
  3. Create directories to store debsigs policies and keyrings for Slack’s public key: 
    sudo mkdir -p /usr/share/debsig/keyrings/7253C9C8BF6A7041
    sudo mkdir -p /etc/debsig/policies/7253C9C8BF6A7041
  4. Import Slack’s public key into the corresponding debsigs keyring:
    sudo gpg --no-default-keyring --keyring /usr/share/debsig/keyrings/7253C9C8BF6A7041/debsig.gpg --import slack_pubkey.gpg
  5. Create a new file in your editor of choice:

    Then, paste the following:
    <?xml version="1.0"?>
    <!DOCTYPE Policy SYSTEM "">
    <Policy xmlns="">
    <Origin Name="Slack" id="7253C9C8BF6A7041" Description="Slack"/>
    <Required Type="origin" File="debsig.gpg" id="7253C9C8BF6A7041"/>
    <Required Type="origin" File="debsig.gpg" id="7253C9C8BF6A7041"/>
  6. Save the file, and exit the editor.
  7. Check the package signature:
    debsig-verify slack-desktop-2.8.0-amd64.deb
    The output should say: 
    Debsig: Verified package from ‘Slack’ (Slack)